Registers a domain with AWS SES and verifies it
- Adds a domain to SES
- Adds an MX record pointing to either SES or a specified server
- Sets up DKIM, SPF and DMARC
- Adds an IAM policy for sending emails via SES
Important
This module does not set up any inbound email rules.
Module assumes you add additional resources to setup receiving emails with SES or provide an address to some other SMTP server which handles incoming emails.
| Name | Version |
|---|---|
| terraform | >= 0.12, <2.0 |
| aws | >= 2.40.0 |
| Name | Version |
|---|---|
| aws | >= 2.40.0 |
| Name | Source | Version |
|---|---|---|
| annotation_max_bounce_rate | ./../../cloudwatch/annotation | n/a |
| annotation_max_spam_rate | ./../../cloudwatch/annotation | n/a |
| annotation_warning_bounce_rate | ./../../cloudwatch/annotation | n/a |
| annotation_warning_spam_rate | ./../../cloudwatch/annotation | n/a |
| cloudwatch_consts | ./../../cloudwatch/consts | n/a |
| metrics_account_reputation | ./../../cloudwatch/metric/many | n/a |
| metrics_count | ./../../cloudwatch/metric/many | n/a |
| metrics_percentage | ./../../cloudwatch/metric_expression/many | n/a |
| widget_account_bounce_rate | ./../../cloudwatch/metric_widget | n/a |
| widget_account_spam_rate | ./../../cloudwatch/metric_widget | n/a |
| widget_conversion | ./../../cloudwatch/metric_widget | n/a |
| widget_delivery | ./../../cloudwatch/metric_widget | n/a |
| widget_delivery_percentage | ./../../cloudwatch/metric_widget | n/a |
| widget_spam | ./../../cloudwatch/metric_widget | n/a |
| Name | Type |
|---|---|
| aws_iam_policy.sender | resource |
| aws_route53_record.dkim_verification | resource |
| aws_route53_record.dmarc | resource |
| aws_route53_record.mx | resource |
| aws_route53_record.ses_verification | resource |
| aws_route53_record.txt | resource |
| aws_ses_configuration_set.domain | resource |
| aws_ses_domain_dkim.domain | resource |
| aws_ses_domain_identity.domain | resource |
| aws_ses_domain_identity_verification.domain | resource |
| aws_ses_event_destination.metrics | resource |
| aws_iam_policy_document.sender | data source |
| aws_region.current | data source |
| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| create | Should resources be created | bool |
true |
no |
| dkim | Whether to add a DKIM record | bool |
true |
no |
| dmarc | Wheteher to add a DMARC record | bool |
true |
no |
| dmarc_percent | Percent of suspicious messages that the DMARC policy applies to. | number |
100 |
no |
| dmarc_policy | DMARC policy, one of: none, quarantine, reject | string |
"quarantine" |
no |
| dmarc_report_emails | E-mail addresses that SMTP servers should send DMARC reports to | list(string) |
[] |
no |
| dmarc_strict_dkim_alignment | Enables strict alignment mode for DKIM | bool |
false |
no |
| dmarc_strict_spf_alignment | Enables strict alignment mode for SPF | bool |
false |
no |
| dmarc_subdomain_policy | DMARC policy for subdomains, one of: none, quarantine, reject | string |
"quarantine" |
no |
| hosted_zone_id | Route53 hosted zone id that the domain belongs to | string |
n/a | yes |
| incomming_region | Region where SES incomming email handling is set up, defaults to the current region, which might not support it | string |
null |
no |
| mail_server | DEPRECATED, use mx_records = ['10 {mail_server}'] instead.Email server ip/domain, if omitted SES will be used for incomming emails |
string |
null |
no |
| mx | Whether to add a MX record | bool |
true |
no |
| mx_records | MX records that point to your email servers, if omitted SES will be used for incomming emails | list(string) |
null |
no |
| name | Domain name to register with SES | string |
n/a | yes |
| spf | Whether to add a TXT record with SPF. If you need additional TXT records, create your own aws_route53_record and add the spf_record output to it |
bool |
true |
no |
| spf_include | Domains to include in the SPF record, amazonses.com doesn't need to be specified | list(string) |
[] |
no |
| spf_ip4 | IPv4 addresses to include in the SPF record | list(string) |
[] |
no |
| spf_ip6 | IPv6 addresses to include in the SPF record | list(string) |
[] |
no |
| Name | Description |
|---|---|
| configuration_set | Configuration set to use to track metrics for this domain |
| email_headers | Headers that should be included in each email |
| metrics | Cloudwatch metrics, see metrics.tf for details |
| sender_policy_arn | IAM policy ARN for email senders |
| sender_policy_name | IAM policy name for email senders |
| smtp_host | SMTP host to use for sending emails |
| spf_record | SPF record which you should include in the domain's TXT record in case you specified spf = false |
| widgets | Cloudwatch dashboard widgets, see widgets.tf for details |